package com.zhuiyun.project.security.customizelogin.email;

import com.zhuiyun.project.api.system.user.entity.TenantUser;
import com.zhuiyun.project.api.system.user.service.SysUserService;
import com.zhuiyun.project.common.errorCode.EmErrorCode;
import com.zhuiyun.project.security.commonhandler.RequestMethodVerification;
import com.zhuiyun.project.security.commonhandler.SecurityLoginUser;
import com.zhuiyun.project.security.commonhandler.SecurityLoginUserVerification;
import com.zhuiyun.project.utils.constants.CommonConstants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;

/**
 * @ClassName CustomLoginFilter
 * @Description 自定义邮箱验证码登录逻辑
 *  filter 获得 用户名（邮箱） 和 密码（验证码） 装配到 token 上 ，
 *  * 然后把token 交给 provider 进行授权
 * @Author zcy
 * @Date 2023/4/5 11:34
 **/
public class EmailCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    public EmailCodeAuthenticationFilter(String defaultFilterProcessesUrl) {
        super(defaultFilterProcessesUrl);
    }

    protected EmailCodeAuthenticationFilter(String defaultFilterProcessesUrl, AuthenticationManager authenticationManager) {
        super(defaultFilterProcessesUrl, authenticationManager);
    }
    @Autowired
    SysUserService sysUserService;

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        // 仅使用POST方法提交
        RequestMethodVerification.postVerification(request);
        // 获取登录信息
        SecurityLoginUser loginUser = SecurityLoginUserVerification.getLoginUser(request);
        String emailAccount = loginUser.getUsername();
        // 从请求中获取验证码
        String emailCode = loginUser.getCode();
        //验证emailAccount是否为空
        SecurityLoginUserVerification.vitParams(emailAccount,EmErrorCode.EMAIL_IS_NULL.getErrMsg());
        //验证emailCode是否为空
        SecurityLoginUserVerification.vitParams(emailCode,EmErrorCode.CODE_IS_NULL.getErrMsg());
        // 查看code在redis中是否过期
        String key = CommonConstants.CACHE_EMAIL_CODE + emailCode;
        SecurityLoginUserVerification.VitRedisKey(key,EmErrorCode.CODE_IS_ERROR.getErrMsg());
        //验证用户是否存在
        TenantUser user = sysUserService.getUserByEmailAccount(emailAccount);
        SecurityLoginUserVerification.vitParams(user,EmErrorCode.USER_NOT_EXIST.getErrMsg());
        EmailCodeAuthenticationToken token = new EmailCodeAuthenticationToken(user,emailCode, new ArrayList());
        //获取 头部信息 让合适的provider 来验证他
        token.setDetails(this.authenticationDetailsSource.buildDetails(request));
        //交给 manager 发证
        return this.getAuthenticationManager().authenticate(token);
    }
}
